Spy-Sense: Spyware Tool for Executing Stealthy Exploits Against Sensor Networks presented at BlackhatUSA 2011

by Thanassis Giannetsos,

URL : https://media.blackhat.com/bh-us-11/Giannetsos/BH_US_11_Giannetsos_SpySense_Spyware_Slides.pdf

Summary : As the domains of pervasive computing and sensor networking are expanding, a new era is about to emerge, enabling the design and proliferation of intelligent sensor-based applications. At the same time, sensor network security is a very important research area whose goal is to maintain a high degree of confidentiality, integrity and availability of both information and network resources. However, a common threat that is often overlooked in the design of secure sensor network applications is the existence of spyware programs. As most works try to defend against adversaries who plan to physically compromise sensor nodes and disrupt network functionality, the risk of spyware programs and their potential for damage and information leakage is bound to increase in the years to come.
This work demonstrates Spy-Sense, a spyware tool that allows the injection of stealthy exploits in the nodes of a sensor network. Spy-Sense is undetectable, hard to recognize and get rid of, and once activated, it runs discretely in the background without interfering or disrupting normal network operation. It provides the ability of executing a stealthy exploit sequence that can be used to achieve the intruder's goals while reliably evading detection. To the best of our knowledge, this is the first instance of a spyware program that is able to crack the confidentiality and functionality of a sensor network. By exposing the vulnerabilities of sensor networks to spyware attacks, we hope to instigate iscussion on these critical issues because sensor networks will never succeed without adequate provisions on security and privacy.